﻿<html DIR="LTR" xmlns:tool="http://www.microsoft.com/tooltip" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ddue="http://ddue.schemas.microsoft.com/authoring/2003/5" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
  <head>
    <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=utf-8" />
    <META NAME="save" CONTENT="history" />
    <title>Connecting with SSL Encryption</title>
    
    <link rel="stylesheet" type="text/css" href="../local/Classic.css">
      
    </link>
    
    <script src="../local/script.js">
      
    </script><script src="../local/script_main.js">&amp;nbsp;</script>
  </head>
  <body>
    <!--Topic built:03/26/2010 02:49:39-->

    
    
    
    
    
    
    
    
    
    <div id="header">
      <table width="100%" id="topTable"><tr>
          <td align="left">
            <span id="headerBold">Connecting with SSL Encryption</span>
          </td>
          <td align="right">
            
          </td>
        </tr></table>
      
      
      
    </div>
    <div id="mainSection">
      
        
        
    <font color="DarkGray">
      
    </font>
    <p />
    
    <p />
  
        <div id="introductionSection" class="section">
    <p>The examples in this topic describe how to use connection string properties that allow applications to use Secure Sockets Layer (SSL) encryption in a Java application. For more information about these new connection string properties such as <b>encrypt</b>, <b>trustServerCertificate</b>, <b>trustStore</b>, <b>trustStorePassword</b>, and <b>hostNameInCertificate</b>, see <a href="f1b62700-f046-488d-bd6b-a5cd8fc345b7.htm">Setting the Connection Properties</a>.</p>
    <p>When the <b>encrypt</b> property is set to <b>true</b> and the <b>trustServerCertificate</b> property is set to <b>true</b>, the Microsoft SQL Server JDBC Driver will not validate the SQL Server SSL certificate. This is usually required for allowing connections in test environments, such as where the SQL Server instance has only a self signed certificate.</p>
    <p>The following code example demonstrates how to set the <b>trustServerCertificate</b> property in a connection string:</p>
    <div class="sampleCode"><span codeLanguage="other"><pre>String connectionUrl = 
    "jdbc:sqlserver://localhost:1433;" +
     "databaseName=AdventureWorks;integratedSecurity=true;" +
     "encrypt=true;trustServerCertificate=true";</pre></span></div>
    <p>When the <b>encrypt</b> property is set to <b>true</b> and the <b>trustServerCertificate</b> property is set to <b>false</b>, the Microsoft SQL Server JDBC Driver will validate the SQL Server SSL certificate. Validating the server certificate is a part of the SSL handshake and ensures that the server is the correct server to connect to. In order to validate the server certificate, the trust material must be supplied at connection time either by using <b>trustStore</b> and <b>trustStorePassword</b> connection properties explicitly, or by using the underlying Java Virtual Machine (JVM)'s default trust store implicitly. </p>
    <p>The <b>trustStore</b> property specifies the path (including filename) to the certificate trustStore file, which contains the list of certificates that the client trusts. The <b>trustStorePassword</b> property specifies the password used to check the integrity of the trustStore data. For more information on using the JVM's default trust store, see the <a href="ae34cd1f-3569-4759-80c7-7c9b33b3e9eb.htm">Configuring the Client for SSL Encryption</a>.</p>
    <p>The following code example demonstrates how to set the <b>trustStore</b> and <b>trustStorePassword</b> properties in a connection string: </p>
    <div class="sampleCode"><span codeLanguage="other"><pre>String connectionUrl = 
    "jdbc:sqlserver://localhost:1433;" +
     "databaseName=AdventureWorks;integratedSecurity=true;" +
     "encrypt=true; trustServerCertificate=false;" +
     "trustStore=storeName;trustStorePassword=storePassword";</pre></span></div>
    <p>The JDBC Driver provides an additional property, <b>hostNameInCertificate</b>, which specifies the host name of the server. The value of this property must match the subject property of the certificate. </p>
    <p>The following code example demonstrates how to use the <b>hostNameInCertificate</b> property in a connection string:</p>
    <div class="sampleCode"><span codeLanguage="other"><pre>String connectionUrl = 
    "jdbc:sqlserver://localhost:1433;" +
     "databaseName=AdventureWorks;integratedSecurity=true;" +
     "encrypt=true; trustServerCertificate=false;" +
     "trustStore=storeName;trustStorePassword=storePassword" +
     "hostNameInCertificate=hostName";</pre></span></div>
    <div style="margin: .5em 1.5em .5em 1.5em"><b>Note: </b>
      Alternatively, you can set the value of connection properties by using the appropriate <b>setter</b> methods provided by the <a href="097434fd-2b74-411c-a5ed-eba04481dde5.htm">SQLServerDataSource</a> class.<p />
    </div>
  </div><span id="seeAlsoSpan"><h1 class="heading">See Also</h1></span><div id="seeAlsoSection" class="section" name="collapseableSection"><a href="8e566243-2f93-4b21-8065-3c8336649309.htm">Using SSL Encryption</a><br /><a href="90724ec6-a9cb-43ef-903e-793f89410bc0.htm">Securing JDBC Driver Applications</a><br /><br /></div><!--[if gte IE 5]>
			<tool:tip element="seeAlsoToolTip" avoidmouse="false"/><tool:tip element="languageFilterToolTip" avoidmouse="false"/><tool:tip element="roleInfoSpan" avoidmouse="false"/>
		<![endif]-->
      <div id="footer" class="section">
        
		<hr />
		
		<span id="fb" class="feedbackcss">
			
			
		</span>
		
		<a href="9bad553b-9e70-4696-8499-2e35f772a1e0.htm">
			
			© 2010 Microsoft Corporation. All rights reserved.
		</a>
 	
	
      </div>
    </div>
  </body>
</html>